Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:PROXY:SQUID-CACHE-UPDATE

Severity

 Medium

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Squid Proxy Cache Update Denial of Service

Release Date

 2010/10/20

Update Number

 1795

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Squid Proxy Cache Update Denial of Service


This signature detects attempts to exploit a known vulnerability against Squid Web Proxy. A successful attack can result in a denial-of-service condition.

Extended Description

Squid is prone to a remote denial-of-service vulnerability because the proxy server fails to perform boundary checks before copying user-supplied data into process buffers. Successfully exploiting this issue allows remote attackers to crash the affected application, denying further service to legitimate users. Attackers may also be able to execute arbitrary code, but this has not been confirmed. This issue affects Squid 2.6.STABLE16 and prior versions. All Squid-3 snapshots and prereleases up to the November 28 snapshot are also vulnerable.

Affected Products

  • Debian Linux 4.0
  • Debian Linux 4.0 Alpha
  • Debian Linux 4.0 Amd64
  • Debian Linux 4.0 Arm
  • Debian Linux 4.0 Hppa
  • Debian Linux 4.0 Ia-32
  • Debian Linux 4.0 Ia-64
  • Debian Linux 4.0 M68k
  • Debian Linux 4.0 Mips
  • Debian Linux 4.0 Mipsel
  • Debian Linux 4.0 Powerpc
  • Debian Linux 4.0 S/390
  • Debian Linux 4.0 Sparc
  • Gentoo Linux
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Linux Mandrake 2007.0
  • Mandriva Linux Mandrake 2007.0 X86 64
  • Mandriva Linux Mandrake 2007.1
  • Mandriva Linux Mandrake 2007.1 X86 64
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Mandriva Multi Network Firewall 2.0.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
  • Red Hat Desktop 3.0.0
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux AS 2.1
  • Red Hat Enterprise Linux AS 2.1 IA64
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux AS 4.5.Z
  • Red Hat Enterprise Linux AS 4.6.Z
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Enterprise Linux ES 2.1
  • Red Hat Enterprise Linux ES 2.1 IA64
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux ES 4.5.Z
  • Red Hat Enterprise Linux ES 4.6.Z
  • Red Hat Enterprise Linux WS 2.1
  • Red Hat Enterprise Linux WS 2.1 IA64
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora 7
  • Red Hat Fedora 8
  • Squid Web Proxy Cache 2.0.0 PATCH2
  • Squid Web Proxy Cache 2.1.0 PATCH2
  • Squid Web Proxy Cache 2.3.0 .STABLE4
  • Squid Web Proxy Cache 2.3.0 .STABLE5
  • Squid Web Proxy Cache 2.4.0
  • Squid Web Proxy Cache 2.4.0 .STABLE2
  • Squid Web Proxy Cache 2.4.0 .STABLE4
  • Squid Web Proxy Cache 2.4.0 .STABLE6
  • Squid Web Proxy Cache 2.4.0 .STABLE7
  • Squid Web Proxy Cache 2.5.0 .STABLE1
  • Squid Web Proxy Cache 2.5.0 .STABLE10
  • Squid Web Proxy Cache 2.5.0 .STABLE3
  • Squid Web Proxy Cache 2.5.0 .STABLE4
  • Squid Web Proxy Cache 2.5.0 .STABLE5
  • Squid Web Proxy Cache 2.5.0 .STABLE6
  • Squid Web Proxy Cache 2.5.0 .STABLE7
  • Squid Web Proxy Cache 2.5.0 .STABLE8
  • Squid Web Proxy Cache 2.5.0 .STABLE9
  • Squid Web Proxy Cache 2.5.STABLE11
  • Squid Web Proxy Cache 2.5.STABLE12
  • Squid Web Proxy Cache 2.5.STABLE13
  • Squid Web Proxy Cache 2.5.STABLE14
  • Squid Web Proxy Cache 2.6
  • Squid Web Proxy Cache 2.6.STABLE1
  • Squid Web Proxy Cache 2.6.STABLE12
  • Squid Web Proxy Cache 2.6.STABLE13
  • Squid Web Proxy Cache 2.6.STABLE14
  • Squid Web Proxy Cache 2.6.STABLE15
  • Squid Web Proxy Cache 2.6.STABLE16
  • Squid Web Proxy Cache 2.6.STABLE2
  • Squid Web Proxy Cache 2.6.STABLE3
  • Squid Web Proxy Cache 2.6.STABLE4
  • Squid Web Proxy Cache 2.6.STABLE5
  • Squid Web Proxy Cache 2.6.STABLE6
  • Squid Web Proxy Cache 2.6.STABLE7
  • Squid Web Proxy Cache 3.0.0
  • Squid Web Proxy Cache 3.0.0 PRE1
  • Squid Web Proxy Cache 3.0.0 PRE2
  • Squid Web Proxy Cache 3.0.0 PRE3
  • SuSE Linux 10.0 Ppc
  • SuSE Linux 10.0 X86
  • SuSE Linux 10.0 X86-64
  • SuSE Linux 10.1 Ppc
  • SuSE Linux 10.1 X86
  • SuSE Linux 10.1 X86-64
  • SuSE openSUSE 10.2
  • SuSE openSUSE 10.3
  • Turbolinux Appliance Server 1.0.0 Hosting Edition
  • Turbolinux Appliance Server 1.0.0 Workgroup Edition
  • Turbolinux Appliance Server 2.0
  • Turbolinux Appliance Server Hosting Edition 1.0.0
  • Turbolinux Appliance Server Workgroup Edition 1.0.0
  • Turbolinux Turbolinux Server 10.0.0
  • Turbolinux Turbolinux Server 10.0.0 X64
  • Turbolinux Turbolinux Server 11
  • Turbolinux Turbolinux Server 11 X64
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 6.10 Amd64
  • Ubuntu Ubuntu Linux 6.10 I386
  • Ubuntu Ubuntu Linux 6.10 Powerpc
  • Ubuntu Ubuntu Linux 6.10 Sparc
  • Ubuntu Ubuntu Linux 7.04 Amd64
  • Ubuntu Ubuntu Linux 7.04 I386
  • Ubuntu Ubuntu Linux 7.04 Powerpc
  • Ubuntu Ubuntu Linux 7.04 Sparc
  • Ubuntu Ubuntu Linux 7.10 Amd64
  • Ubuntu Ubuntu Linux 7.10 I386
  • Ubuntu Ubuntu Linux 7.10 Powerpc
  • Ubuntu Ubuntu Linux 7.10 Sparc

References

  • BugTraq: 26687
  • CVE: CVE-2007-6239

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out